public class MessageDigestPasswordEncoder
extends net.sf.acegisecurity.providers.encoding.BaseDigestPasswordEncoder
This class can be used stand-alone, or one of the subclasses can be used for compatiblity and convenience. When using this class directly you must specify a Message Digest Algorithm to use as a constructor arg
The encoded password hash is normally returned as Hex (32 char) version of
the hash bytes. Setting the encodeHashAsBase64 property to
true will cause the encoded pass to be returned as Base64 text,
which will consume 24 characters. See
BaseDigestPasswordEncoder.setEncodeHashAsBase64(boolean)
This PasswordEncoder can be used directly as in the following example:
<bean id="passwordEncoder" class="org.springframework.security.authentication.encoding.MessageDigestPasswordEncoder"> <constructor-arg value="MD5"/> </bean>
Constructor and Description |
---|
MessageDigestPasswordEncoder(String algorithm)
The digest algorithm to use Supports the named Message Digest Algorithms in the Java environment.
|
MessageDigestPasswordEncoder(String algorithm,
boolean encodeHashAsBase64)
Convenience constructor for specifying the algorithm and whether or not
to enable base64 encoding
|
Modifier and Type | Method and Description |
---|---|
String |
encodePassword(String rawPass,
Object salt)
Encodes the rawPass using a MessageDigest.
|
String |
getAlgorithm() |
protected MessageDigest |
getMessageDigest()
Get a MessageDigest instance for the given algorithm.
|
boolean |
isPasswordValid(String encPass,
String rawPass,
Object salt)
Takes a previously encoded password and compares it with a rawpassword
after mixing in the salt and encoding that value
|
getEncodeHashAsBase64, setEncodeHashAsBase64
public MessageDigestPasswordEncoder(String algorithm)
algorithm
- Stringpublic MessageDigestPasswordEncoder(String algorithm, boolean encodeHashAsBase64) throws IllegalArgumentException
algorithm
- StringencodeHashAsBase64
- booleanIllegalArgumentException
- if an unknownpublic String encodePassword(String rawPass, Object salt)
rawPass
- The plain text passwordsalt
- The salt to sprinkleprotected final MessageDigest getMessageDigest() throws IllegalArgumentException
IllegalArgumentException
- if NoSuchAlgorithmException is thrownpublic boolean isPasswordValid(String encPass, String rawPass, Object salt)
encPass
- previously encoded passwordrawPass
- plain text passwordsalt
- salt to mix into passwordpublic String getAlgorithm()
Copyright © 2005–2017 Alfresco Software. All rights reserved.